ZOHO integration in Community Edition 6.3.0

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules
Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
Catscratch
Platinum Boarder
Platinum Boarder
Posts: 336
Joined: Wed Feb 16, 2011 10:35 am

Re: ZOHO integration in Community Edition 6.3.0

Post by Catscratch »

Ok guys. I found the problem.

To use ZOHO integration you have to configure your server to deliver the whole certificate chain by itself, because the ZOHO client does not look for the chain. In my case I reconfigured APR in tomcat to deliver the ca chain separatly to the server certificate.

It looks like this:

Code: Select all

    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    
    <Connector port="8443" address="0.0.0.0" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true" acceptCount="100"
			   enableLookups="false" clientAuth="true" sslProtocol="SSLv3"
			   SSLCipherSuite="ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT"
			   SSLCertificateFile="/home/openkm/tomcat-7.0.27/cert/serverpublic.pem"
			   SSLCertificateKeyFile="/home/openkm/tomcat-7.0.27/cert/serverprivate.pem"
			   SSLCertificateChainFile="/home/openkm/tomcat-7.0.27/cert/serverpublicchain.pem"
			   allowUnsafeLegacyRenegotiation="false"
			   />
Now ZOHO integration is working!
Last edited by Catscratch on Mon Jun 02, 2014 7:15 am, edited 1 time in total.

jllort
Moderator
Moderator
Posts: 11123
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: ZOHO integration in Community Edition 6.3.0

Post by jllort »

Thanks for your support this information will be valuable to other users. I've added at http://wiki.openkm.com/index.php/Troubl ... tion_fails

baolinhtv
Fresh Boarder
Fresh Boarder
Posts: 14
Joined: Mon May 26, 2014 8:26 am

Re: ZOHO integration in Community Edition 6.3.0

Post by baolinhtv »

anyone have solution for ip address with 8080 port for zoho working ?

jllort
Moderator
Moderator
Posts: 11123
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: ZOHO integration in Community Edition 6.3.0

Post by jllort »

I think is not possible, by default zoho always do a call to port 80. You should not expose tomcat port 8080, you should always configure apache reverse proxy as is described here http://wiki.openkm.com/index.php/Apache. With it you solve two problems, zoho and security issues.

Catscratch
Platinum Boarder
Platinum Boarder
Posts: 336
Joined: Wed Feb 16, 2011 10:35 am

Re: ZOHO integration in Community Edition 6.3.0

Post by Catscratch »

You can also simply use iptables to reroute your traffic from 80 to 8080. I'm doing this for 443 to 8443. Than you don't have to change anything in your running system configuration.

Rule looks like this:
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

But as i mentioned, I think the port is not the problem for ZOHO. It's the IP.

jllort
Moderator
Moderator
Posts: 11123
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: ZOHO integration in Community Edition 6.3.0

Post by jllort »

Are both things. Zoho only work with port 80 and need accessing public internet IP ( alhought internally you configure NAT or similar ), but from zoho view you need accesible internet url across port 80

Post Reply